Bugzilla – Bug 58836
VUL-0: CVE-2004-0559: temp file problem in webmin %pre and %post scripts
Last modified: 2021-10-12 13:31:45 UTC
The %post script writes stuff into the directory /tmp/.webmin/. This directory is created in an insecure way in %pre. Please fix the .spec to not use such a directory at all.
hewitt:/tmp# su - abuild
hewitt:/usr/src/packages/BUILD/webmin-1.150$ cd /tmp/
hewitt:/tmp$ mkdir .webmin
hewitt:/tmp$ cd .webmin/
hewitt:/tmp/.webmin$ cat /etc/issue
Welcome to SuSE Linux 8.2 (i586) - Kernel \r (\l).
hewitt:/tmp/.webmin$ ln -s /etc/issue webmin-setup.out
hewitt:/tmp/.webmin$ l
total 8
drwxr-xr-x 2 abuild abuild 4096 Aug 16 10:02 ./
drwxrwxrwt 5 root root 4096 Aug 16 10:01 ../
lrwxrwxrwx 1 abuild abuild 10 Aug 16 10:02 webmin-setup.out -> /etc/issue
hewitt:/tmp/.webmin$ logout
hewitt:/tmp# cd -
/usr/src/packages/RPMS/noarch
hewitt:/usr/src/packages/RPMS/noarch# rpm -Uvh webmin-1.150-3.noarch.rpm
failed to stat /sys: No such file or directory
Operating system is SuSE Linux 8.2
webmin ##################################################
insserv: Service network has to be enabled for service webmin
insserv: exiting now!
Webmin install complete. You can now login to http://hewitt:10000/ as root with your root password.
hewitt:/usr/src/packages/RPMS/noarch# head /etc/issue
***********************************************************************
* Welcome to the Webmin setup script, version 1.150 *
***********************************************************************
Webmin is a web-based interface that allows Unix-like operating systems and common Unix services to be easily administered.
Installing Webmin in /usr/lib/webmin ...
***********************************************************************
Webmin uses separate directories for configuration files and log files.
CAN-2004-0559
packages approved
CVE-2004-0559: CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:N/I:P/A:N)
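The pattern from the report next to a hardened form, as an added example that is not taken from the webmin package or from the fix that was shipped. The function names, the log text and the sandbox layout are assumptions; the sandbox directory stands in for /tmp and the "victim" file for /etc/issue.

```shell
#!/bin/sh
# Added example. All paths are constructed: $1 stands in for /tmp, and the
# "victim" file stands in for /etc/issue from the report.

# Pattern described in the report: a fixed directory name under a
# world-writable directory. mkdir -p succeeds even if another user already
# created the directory, and ">" follows a symlink found inside it.
weak_scriptlet() {
    mkdir -p "$1/.webmin"
    echo "Webmin setup output" > "$1/.webmin/webmin-setup.out"
}

# Hardened form: mktemp -d creates a new, unpredictably named directory with
# mode 0700 or fails; noclobber (set -C) makes ">" refuse an existing file.
# Prints the directory it used so the caller can read the log and remove it.
# The body runs in a subshell, so umask and set -C do not leak to the caller.
hardened_scriptlet() (
    umask 077
    workdir=$(mktemp -d "$1/webmin-setup.XXXXXX") || exit 1
    set -C
    echo "Webmin setup output" > "$workdir/webmin-setup.out" || exit 1
    printf '%s\n' "$workdir"
)

# Builds the pre-created directory and symlink from the report inside a
# throwaway sandbox, runs one scriptlet, and prints the victim file's content.
run_case() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/tmp" "$sandbox/tmp/.webmin"
    echo "original content" > "$sandbox/victim"
    ln -s "$sandbox/victim" "$sandbox/tmp/.webmin/webmin-setup.out"
    "$1" "$sandbox/tmp" >/dev/null
    cat "$sandbox/victim"
    rm -rf "$sandbox"
}

echo "weak:     $(run_case weak_scriptlet)"
echo "hardened: $(run_case hardened_scriptlet)"
```

With the weak form the victim file ends up holding the installer output, as /etc/issue does in the transcript; with the hardened form it keeps its original content.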